Thursday, November 27, 2008

Attackers shoot to WireShark.

Every application might be vulnerable, and this is a really old concept. Nothing new, but reading that someone discovered an DoS attack to WireShark, one of the most used packet analyzer, makes me strange.
I frequently use it, during my university classes, during my external courses and also during company working time, but never I thought that it could be a potential whole in my system. That's, to me, it's a great example of what I call "Bar Security".
Following the original post:

On Nov 2008, Security Vulnerability Research Team of Bkis (SVRT-Bkis) has
detected a vulnerability underlying WireShark 1.0.4 (lastest version).

The flaw is in the function processing SMTP protocol and enables hacker to
perform a DoS attack by sending a SMTP request with large content to port
25. The application then enter a large loop and cannot do anything else.

We have contacted the vendor of Wireshark. They fixed this vulnerability for
Wireshark 1.0.5 but they haven't released the official version yet. Details
is here :

SVRT Advisory : SVRT-04-08
Initial vendor notification : 11-14-2008
Release Date : 11-22-2008
Update Date : 11-22-2008
Discovered by : SVRT-Bkis
Security Rating : Less Critical
Impact : DoS
Affected Software :Wireshark 1.0.4 (prev is vulnerable)

2. Solution

Althrough the official version for this vulnerability hasn't been released
yet, the vendor has updated the fix in the prerelease Wireshark 1.0.5.

Download the prerelease version of Wireshark 1.0.5 here:

Thank you guys for this interesting contribute that you've done proving that nothing is actually safe.

Friday, November 21, 2008


This is History, Good Job President Obama !

Sunday, November 16, 2008

DDoS attacks threaten ISP infrastructure

The important report " WorldWide Security Report" released Tuesday, was based on how 70 lead security engineers responded to 90 questions. These the results:

It's impressive knowing DDOS attacks are increasing year by year. A DDOS attack assume that in your networks are present many zombies which means lots of opened vulnerabilities.

Futureland Plants.

Thanks to Flikr:

An amazing futuristic "flower".

Monday, November 10, 2008

The Coolest IT Security Jobs

Directly from GCN the first 10 positions on "Coolest Security Job", I like them:

1. Information security crime investigator/forensics expert
2. System, network and/or Web penetration tester
3. Forensics analyst
4 (tie). Incident response, incident handler
4 (tie). Security architect
6. Vulnerability researcher
7 (tie). Network security engineer
10 (tie). CISO/ISO or director of sec
10 (tie). Application penetration tester

Why it’s cool: “You’re an 'ethical hacker'. “It takes equal parts technical ability and creativity,” “Combines applying different thought processes to system analysis with exploration tools, and a sort of dangerous level of knowledge.”

Monday, November 3, 2008

Doom9 Break BD+

Hey guys, do you remember that BD+, the Blue-ray copy protection system, should be safe at least 10 years ? Well actually it's very wrong ! Some Doom9 hacker/s have discovered the BD+ "gap" in this post .

Here the main sections (thanks to Oopho2ei user) :

Thank you guys, this is an amazing project !